Skip to main content

Installation Instruction

The APP module is installed first. Optional modules — SAST, DAST, SCA — can be installed in no preferred order.

APP module installation

  1. Download and unpack the distribution archive.

  2. In terminal, open the extracted archive directory.

  3. Run:

    sudo bash actions.sh | sudo tee -a /tmp/derscanner_APP.log

    and follow the instructions.

SAST, DAST, SCA modules installation

  1. Download and unpack the distribution archive.

  2. In terminal, open the extracted archive directory.

  3. Run:

    for SAST:

    sudo bash actions.sh | sudo tee -a /tmp/derscanner_SAST.log

    for DAST:

    sudo bash actions.sh | sudo tee -a /tmp/derscanner_DAST.log

    for SCA:

    sudo bash actions.sh | sudo tee -a /tmp/derscanner_OSA.log

    and follow the instructions.

  4. If the module gets installed on a different server than APP, change the queueURI value in /opt/derscanner/core/sast/configs/sast-daemon.env to the APP server address. I.e., queueURI=tcp://10.10.10.10:61616. After that, restart the module service (SAST module is used as an example):

    sudo systemctl restart derscanner-sast.service

System configuration

  1. In a web browser of the APP module server, go to http://localhost. If you are using a different PC and the installation machine is accessible via network, go to http://*APP_module_installation_address*.

  2. In the pop-up window suggesting to upload a license, copy the installation identifier and send it via e-mail to create your personal license.

  3. Upload the received license in the interface.

  4. Enter the system with credentials: login: admin, password: *put_admin_password_here*.

  5. Change password in the Account section.

  6. Upload rules (in the same archive as the APP module). Go to Admin Panel > System > Rules and upload Rules.zip.

User Guide can be downloaded via the interface, the About tab. Plugins for TeamCity, Jenkins, Azure DevOps Server, SonarQube, and CLT (command-line tool) integration are located in /opt/derscanner/app/plugins.

GitLab CI integration examples are located in /opt/derscanner/app/integration-patterns/gitlab-clt.zip or /opt/derscanner/app/integration-patterns/gitlab-api.zip.

Deployment/update log is located in /tmp/derscanner_app.log.